General

  • Target

    0ef177fba510bf96acaa0663c7af8c27369652f6746282f85f53d7ec92f430aa.exe

  • Size

    707KB

  • MD5

    4b0bf8b067b097335c760fce662a0bf1

  • SHA1

    78f45badfd8ddecce7dbcf6a695be0c4c53f7c1e

  • SHA256

    0ef177fba510bf96acaa0663c7af8c27369652f6746282f85f53d7ec92f430aa

  • SHA512

    14cc9db6450bfefb93b3f2fa50f77757873a0b89f6d552571e1aba93a5683a90e18cc81c787111aab6f1b1b1f8983bb4f8b1dbfa237bf7f80097ba73ce1d91dd

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1D8nvnh:6uaTmkZJ+naie5OTamgEoKxLWCvh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key/value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0ef177fba510bf96acaa0663c7af8c27369652f6746282f85f53d7ec92f430aa.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

